Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(systemtags): unify restrict_creation_to_admin handling #51288

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

fix(systemtags): unify restrict_creation_to_admin handling #51288

wants to merge 4 commits into from

Conversation

skjnldsv
Copy link
Member

@skjnldsv skjnldsv commented Mar 5, 2025
edited
Loading

Fix #51233
Fix #51247

  • Properly allow bulk tagging if tag restriction is active, only prevent creation and color update
  • Added Bulk tagging cypress checks for this use case
  • Properly check restriction in dav plugin
  • Adjusted the differences between default (false) and value handling as bool (previously string)

@skjnldsv skjnldsv requested review from a team as code owners March 5, 2025 16:05
@skjnldsv skjnldsv requested review from artonge, nfebe and sorbaugh and removed request for a team March 5, 2025 16:05
@skjnldsv skjnldsv self-assigned this Mar 5, 2025
@skjnldsv skjnldsv force-pushed the fix/admin-tag-color-prevent branch from 6ef85aa to 9f77664 Compare March 5, 2025 16:16
@skjnldsv skjnldsv force-pushed the fix/admin-tag-color-prevent branch from 9f77664 to e41d716 Compare March 5, 2025 16:16
susnux
susnux reviewed Mar 5, 2025
View reviewed changes
apps/systemtags/src/components/SystemTagPicker.vue
import { elementColor, invertTextColor, isDarkModeEnabled } from '../utils/colorUtils'
import { getNodeSystemTags, setNodeSystemTags } from '../utils'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
import { getNodeSystemTags, setNodeSystemTags } from '../utils'
import { getNodeSystemTags, setNodeSystemTags } from '../utils.ts'

susnux
susnux reviewed Mar 5, 2025
View reviewed changes
apps/systemtags/src/components/SystemTagPicker.vue
@@ -204,6 +209,8 @@ export default defineComponent({
emit,
Status,
t,
// Either tag creation is not restricted to admins or the current user is an admin
canEditOrCreateTag: !restrictSystemTagsCreationToAdmin || getCurrentUser()?.isAdmin,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

name clash with line 251

susnux
susnux reviewed Mar 5, 2025
View reviewed changes
apps/systemtags/src/components/SystemTags.vue
@@ -189,7 +189,8 @@ export default Vue.extend({
this.sortedTags.unshift(createdTag)
this.selectedTags.push(createdTag)
} catch (error) {
if(loadState('settings', 'restrictSystemTagsCreationToAdmin', '0') === '1') {
const systemTagsCreationRestrictedToAdmin = loadState<true|false>('settings', 'restrictSystemTagsCreationToAdmin', false) === true
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Simple types here (should be boolean), but those simple types are also inferred from default value (false) so it correctly infers boolean.

Suggested change
const systemTagsCreationRestrictedToAdmin = loadState<true|false>('settings', 'restrictSystemTagsCreationToAdmin', false) === true
const systemTagsCreationRestrictedToAdmin = loadState('settings', 'restrictSystemTagsCreationToAdmin', false)

susnux
susnux reviewed Mar 5, 2025
View reviewed changes
apps/systemtags/src/components/SystemTagsCreationControl.vue
</p>

<NcCheckboxRadioSwitch type="switch"
:checked.sync="systemTagsCreationRestrictedToAdmin"
@update:checked="updateSystemTagsDefault">
{{ t('settings', 'Restrict tag creation to admins only') }}
{{ t('settings', 'Restrict tag edition and creation to admins only') }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it is

Suggested change
{{ t('settings', 'Restrict tag edition and creation to admins only') }}
{{ t('settings', 'Restrict tag editing and creation to admins only') }}

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I checked and you're right! What a weird phrazing 😁
I would even go for

Suggested change
{{ t('settings', 'Restrict tag edition and creation to admins only') }}
{{ t('settings', 'Restrict tag creation and editing to administrators only') }}

susnux
susnux reviewed Mar 5, 2025
View reviewed changes
apps/systemtags/src/components/SystemTagsCreationControl.vue
data() {
return {
// By default, system tags creation is not restricted to admins
systemTagsCreationRestrictedToAdmin: loadState('settings', 'restrictSystemTagsCreationToAdmin', '0') === '1',
systemTagsCreationRestrictedToAdmin: loadState<true|false>('settings', 'restrictSystemTagsCreationToAdmin', false) === true,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
systemTagsCreationRestrictedToAdmin: loadState<true|false>('settings', 'restrictSystemTagsCreationToAdmin', false) === true,
systemTagsCreationRestrictedToAdmin: loadState('settings', 'restrictSystemTagsCreationToAdmin', false),

susnux
susnux reviewed Mar 5, 2025
View reviewed changes
lib/private/SystemTag/SystemTagManager.php
@@ -206,6 +208,11 @@ public function updateTag(
);
}

$user = $this->userSession->getUser();
if (!$this->canUserCreateTag($user)) {
throw new TagUpdateForbiddenException('Tag update forbidden');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO the message is basically the exception class name, so could also drop it.

Suggested change
throw new TagUpdateForbiddenException('Tag update forbidden');
throw new TagUpdateForbiddenException();

susnux
susnux reviewed Mar 5, 2025
View reviewed changes
lib/public/SystemTag/ISystemTagManager.php
* @param IUser|null $user user to check permission for
* @return bool true if the user is allowed to update a tag, false otherwise
*
* @since 31.0.0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* @since 31.0.0
* @since 31.0.1

susnux
susnux reviewed Mar 5, 2025
View reviewed changes
lib/public/SystemTag/TagUpdateForbiddenException.php
declare(strict_types=1);

/**
* SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors

susnux
susnux reviewed Mar 5, 2025
View reviewed changes
lib/public/SystemTag/TagUpdateForbiddenException.php
/**
* Exception when a user doesn't have the right to create a tag
*
* @since 31.0.0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* @since 31.0.0
* @since 31.0.1

@susnux
Copy link
Contributor

susnux commented Mar 5, 2025

@skjnldsv also fixed #51247 ?

@skjnldsv
Copy link
Member Author

skjnldsv commented Mar 5, 2025

@skjnldsv also fixed #51247 ?

It should yes 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@susnux susnux susnux left review comments

@artonge artonge Awaiting requested review from artonge artonge is a code owner automatically assigned from nextcloud/server-frontend

@nfebe nfebe Awaiting requested review from nfebe nfebe is a code owner automatically assigned from nextcloud/server-frontend

@sorbaugh sorbaugh Awaiting requested review from sorbaugh sorbaugh is a code owner automatically assigned from nextcloud/server-frontend

At least 2 approving reviews are required to merge this pull request.

Assignees

@skjnldsv skjnldsv

Labels
3. to review Waiting for reviews bug feature: dav feature: tags
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

restrict tag creation to admin not respected by frontend [Bug]: Multiple bugs concerning tags
2 participants
@skjnldsv @susnux